diff --git a/ROADMAP.md b/ROADMAP.md index ada11c7..a0bf38e 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -29,7 +29,7 @@ FlaskPaste v1.5.0 is deployed with comprehensive security hardening and abuse pr - CLI with list, search, update, export commands - Public certificate registration (PoW-protected) - CLI register command for certificate enrollment -- Comprehensive test suite (301 tests) +- Comprehensive test suite (337 tests) - Complete security pentest remediation (15 items) - PKI audit logging (certificate lifecycle events) - Request duration metrics (Prometheus histogram) @@ -108,7 +108,7 @@ Integrated certificate authority for mTLS: - `POST /pki/revoke/` - Revoke certificate - `GET /register/challenge` - Get PoW challenge for registration - `POST /register` - Public certificate registration (PoW-protected) -- CLI: `fpaste pki status`, `fpaste pki issue`, `fpaste pki revoke` +- CLI: `fpaste pki status`, `fpaste pki issue`, `fpaste pki download` - CLI: `fpaste register` - Self-service certificate enrollment ## Phase 4: Ecosystem (In Progress) @@ -141,8 +141,8 @@ Standalone Python CLI with encryption, PKI, and paste management: - `fpaste update ` - Update paste content/metadata - `fpaste export -o dir/` - Export all pastes to directory - `fpaste pki status` - Show PKI status -- `fpaste pki issue -n "name"` - Request client certificate (admin) -- `fpaste pki revoke ` - Revoke certificate +- `fpaste pki issue -n "name"` - Issue client certificate (admin) +- `fpaste pki download` - Download CA certificate - `fpaste register` - Self-service certificate registration - `fpaste register --configure` - Register and auto-configure client - Automatic retry on PoW failure (max 5 attempts) diff --git a/TODO.md b/TODO.md index e32802f..1f14522 100644 --- a/TODO.md +++ b/TODO.md @@ -7,6 +7,8 @@ Unstructured intake buffer for ideas, issues, and observations. Items here are r ## Ideas - Paste compression for large text content + - Must mark compression in URL fragment (e.g., `#z:` or `#:z`) + - Receiver needs to know content is compressed before decryption - ETag support for conditional requests - Neovim/Vim plugin for editor integration - Webhook notifications for paste events